{% extends "base.html" %}
{# Copyright The IETF Trust 2015, All Rights Reserved #}
{% load origin %}
{% load django_bootstrap5 %}
{% load static %}
{% block title %}Change password{% endblock %}
{% block js %}
    {{ block.super }}
    {{ form.media.js }}
{% endblock %}
{% block content %}
    {% origin %}
    <!-- [html-validate-disable-block no-inline-style, prefer-native-element -- FIXME: django_password_strength uses outdated HTML] -->
    {% if success %}
        <p class="alert alert-success my-3">
            Your password was successfully changed.
        </p>
        {% if not user.is_authenticated %}
            <a
               class="btn btn-primary"
               href="{% url 'ietf.ietfauth.views.login' %}"
               rel="nofollow">Sign in</a>
        {% endif %}
    {% else %}
        <h1>Change password</h1>
        {% if update_user and update_user != user %}
            <div class="alert alert-info my-3">
                This will change the password for user {{ update_user }}.
            </div>
        {% endif %}
        <form method="post" class="my-3">
            {% csrf_token %}
            {% bootstrap_form form %}
            <button type="submit" class="btn btn-primary">Change password</button>
        </form>
        <div class="alert alert-info mt-5">
            <b>Password strength requirements: </b>
            You must choose a password at least 12 characters long that scores at least a 3 according to the
            <a href="https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/">zxcvbn</a>
            password strength estimator. A warning will appear if your password does not meet this standard.
            <hr>
            <b>Online attack: </b>
            The crack time estimate given above assumes an online attack at a rate of 10 attempts per second.
            It is only a very rough guideline.
            <hr>
            <b>Offline cracking: </b>
            The datatracker currently uses the <code>{{ hasher.algorithm }}</code>
            password hasher with
            {% if hasher.iterations %}
                {{ hasher.iterations }} iterations
            {% elif hasher.rounds %}
                {{ hasher.rounds }} rounds
            {% elif hasher.time_cost and hasher.memory_cost and hasher.parallelism %}
                <code>time cost {{ hasher.time_cost }}</code>, <code>memory cost {{ hasher.memory_cost }}</code>
                and <code>parallelism {{ hasher.parallelism }}</code>{% endif %}.

            Calculating offline attack time if password hashes should leak is left
            as an exercise for the reader.
            <span class="password_strength_offline_info d-none">
                As a guideline, if we assume offline hashing using the current hasher
                at a speed of 10<sup>4</sup> attempts per second, this password would
                take <em class="password_strength_time"></em> to crack.
            </span>
        </div>
{% endif %}
{% endblock %}